Health care vendors, such as, without limitation, health insurance providers or pharmaceutical companies, would like to have access to databases that are maintained by health care providers, such as physician groups, hospitals, physical or occupational therapy groups, among others, which contain the name, address and private health information of its patients. The private information would be used by the health care vendor to help the health care vendor to decide which products and/or services should be advertised to each patient. Studies have confirmed the more a direct mail offer can be customized for a particular intended recipient, for example to include some personal information relating to the recipient, the more likely that it is to be successful. Such customized direct mail, however, requires knowledge of the personal and/or confidential information of the intended recipient. The problem is that in the United States, the privacy of such information is protected by the Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA, and most patients would not want the information to be in the hands of health care vendors who may not be able to be trusted to keep that information private and which normally are not bound by any type of privacy obligation.
Thus, there is a need for a system and method by which a services vendor can provide targeted advertising to recipients based on each recipients' private personal information, while at the same time maintaining the confidentiality of that information.